Difference between revisions of "Authorization Code flow description"
Pavel.lobko (talk | contribs) |
Pavel.lobko (talk | contribs) |
||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:OAuth2 Access code flow using i2Rest bridge mode description}} | {{DISPLAYTITLE:OAuth2 Access code flow using i2Rest bridge mode description}} | ||
| + | The authorization code grant type is used to obtain both access | ||
| + | tokens and refresh tokens and is optimized for confidential clients. | ||
| + | Since this is a redirection-based flow, the client must be capable of | ||
| + | interacting with the resource owner's user-agent (typically a web | ||
| + | browser) and capable of receiving incoming requests (via redirection) | ||
| + | from the authorization server. | ||
[[File:Bridge flow scheme.png|600px]] | [[File:Bridge flow scheme.png|600px]] | ||
---- | ---- | ||
[[I2Rest_Client|Back to i2Rest Client]] | [[I2Rest_Client|Back to i2Rest Client]] | ||
Revision as of 14:33, 22 May 2020
The authorization code grant type is used to obtain both access
tokens and refresh tokens and is optimized for confidential clients. Since this is a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.
